Over the last few months, we’ve been tracking Dyre and reporting changes to the malware on this blog. Dyre’s latest iteration shows yet another shift in tactics – one that combines characteristics of Dyre with Upatre code to create a new downloader… Figures 1, 2, 3 and 4 shows three different emails, all with the same content but with different malicious links, which we we’ll use interchangeably in our examples.